Bolstering Rail Cybersecurity for Onboard and Wayside Systems

If industry data is any indicator, then it’s safe to say that demand for high-speed rail is on the rise. For passenger railroad company Amtrak, for example, U.S. rail trips were up 24% in 2023, and it’s preparing for ridership to double by 2040.

As more people use public transportation, there will be more passenger demands to address. For example, an international survey led by transportation company RATP Dev reveals that, as people rely more on rail transportation, they also seek faster, more accessible and less crowded experiences.

Rail tech comes with risks

To offer the easy, comfortable and attractive options that passengers want, railroads have no choice but to integrate technology into their operations, both trackside and onboard.

But this digital transformation brings the potential for rail cybersecurity risks that could lead to the compromise of passenger data, disabled signaling, locomotive miscommunication or train derailment and cause damage, injury or worse.

As a result, the industry must prioritize rail cybersecurity improvements—specifically when it comes to operational technology (OT).

OT networks connect the machines, equipment and devices that control train movement and operation. Protecting these mission-critical networks and the systems connected to them with tailored rail cybersecurity solutions ensures passenger and cargo safety.

Improving rail cybersecurity posture: 6 challenges that call for tailored solutions

When it comes to operations and systems, the rail industry stands alone. No other industry is quite like it, and many of the systems it relies on are exclusive to rail.

As a result, there are unique challenges to work around to create a strong rail cybersecurity posture.

1. Network designs are unique

Rail-specific networks have limited train-to-ground connectivity and dynamic coupling support requirements, which make them unique compared to other OT network configurations.

2. Third parties require compliance

Government, insurance companies and other third parties require rail transportation systems to comply with specific certifications, standardizations and laws.

Cybersecurity standard TS 50701 is a good example. Issued by CENELEC, it’s the first international standard that provides cybersecurity guidance for rail applications.

Other standards and recommendations that must be considered include Australian Standard AS 7770, NIST Cybersecurity Framework, TSA’s Rail Cybersecurity Mitigation Actions and Testing directive and local regulatory requirements.

3. Trains pose space constraints

Train designs prioritize space for passengers, not equipment: The space is narrow and can’t be expanded once it’s in use. Unlike a data center, where a technician or operator can usually place another rack to house more equipment when needed, there's very little space available on a train to implement new cybersecurity solutions.

Therefore, prioritizing a small footprint without compromising functionality or performance is important when selecting products and solutions to serve these environments.

4. Power availability may be limited

Because electricity use must be prioritized first to help trains run at high speeds, there are power constraints to consider when deploying cybersecurity solutions.

5. Rail environments aren’t ideal testbeds

The systems used to support rail transportation are typically designed to last for decades—not just a few years. Thus, there isn’t always wiggle room to test new technology or be an early adopter of emerging innovation.

The risk involved when a new technology or system doesn’t work out is also much higher with rail systems, since entire transportation operations can come to a halt.

6. Trains are always moving

Trains and their infrastructure are dynamic. Because they’re always moving, their security posture is always changing. This makes monitoring and detection more challenging.

Enhancing rail cybersecurity for rolling stock and signaling systems

Due to the distinct operational systems and challenges of rail technology, a customized cybersecurity strategy is essential to protect people and assets.

Belden’s partnership with Cylus—a cybersecurity company focused exclusively on the rail industry—brings two cutting-edge security products together. We’ve created a next-generation industrial firewall that protects railway rolling stock and signaling systems while aligning with the physical requirements of train builders, the needs of train operators and the demands of passengers.

Through the interoperability of the CylusOne™ rail cybersecurity platform and Belden’s next-generation industrial firewall EAGLE40-6M, rail operators now have access to an industry-leading cybersecurity solution that addresses the challenges of improving security posture in rail environments by:

• Decreasing physical space requirements to deploy a rail cybersecurity solution
  
  
• Reducing power consumption associated with cybersecurity efforts
  
  
• Ensuring compliance with international rail safety and cybersecurity standards
  
  
• Supporting the dynamic and unique needs of rail transportation

CylusOne and EAGLE40-6M combine deep packet inspection (DPI) of onboard and wayside communications with rail asset/system visibility and comprehensive threat detection and remediation to help train operators answer questions like:

• Where is our fleet right now?
• How are our trains functioning?
• How is our OT network performing?
• Are any devices or systems down? What’s causing this downtime?
• What routes are being followed?
• Which assets are up to date in terms of security? Which assets need patches or updates?
• Are passenger Wi-Fi systems secure?
• Are we protected from ransomware attacks?
• Are we equipped to manage network vulnerabilities to prevent data breaches?
• Are our onboard infotainment systems safe from malware attacks and hackers?

As the rail industry continues to adopt automated, wireless and connected technologies, this partnership between Belden and Cylus will make sure your critical assets are protected from cyberattacks.

Learn how we support mass transit operations.

Related links:

Why and How You Should Track Warehouse Safety KPIs

Why Warehouses Now Need Dedicated Warehouse Automation Networks

Planning an OT Network for Your Warehouse? Here’s Where to Start

Guest Author

Miki Shifman

CTO and cofounder at Cylus

Miki Shifman has more than a decade of experience in software engineering, research, and management. Prior to launching Cylus, he served as a cyber researcher and R&D leader in the Cyber R&D Division of the Israel Defense Force’s Elite Technological Unit.